snyk-bot
|
4839b0e008
|
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-BOOTSTRAPTABLE-1657597
|
2021-11-13 05:19:33 +00:00 |
|
Andrew Shulgin
|
d3ddafdff4
|
Dockerfile: symlink for ldap_client_tls.{cert,key}
|
2021-11-13 03:00:09 +02:00 |
|
Ivan Nieto Vivanco
|
b07db3b324
|
Added the current_value string to correspondig 'en' language directory
|
2021-11-11 14:43:47 -06:00 |
|
snipe
|
9ed1442bd1
|
Merge pull request #10286 from uberbrady/fix_bulk_audit_xss
Escape asset_tag attribute at controller level for bulk checkout
|
2021-11-08 20:32:02 -08:00 |
|
Brady Wetherington
|
3ea209a507
|
Escape asset_tag attribute at controller level for consumption in bulk checkout
|
2021-11-08 20:27:43 -08:00 |
|
snipe
|
edf98cb795
|
Merge pull request #10279 from snipe/fixes/turn_get_into_post_for_custom_field_required
Turn custom fields required/optional/remove into POST requests
|
2021-11-08 14:37:36 -08:00 |
|
snipe
|
16d18bc7eb
|
Merge pull request #10283 from snipe/fixes/remove_get_logout_route
|
2021-11-08 12:55:19 -08:00 |
|
snipe
|
38c36af6fc
|
Changes logout to POST
Signed-off-by: snipe <snipe@snipe.net>
|
2021-11-08 12:53:11 -08:00 |
|
snipe
|
b5855e7be5
|
Removed get route for logout
Signed-off-by: snipe <snipe@snipe.net>
|
2021-11-08 12:35:15 -08:00 |
|
snipe
|
0d811d067c
|
Turn cusotm fields required/optional/remove into POST requests
Signed-off-by: snipe <snipe@snipe.net>
|
2021-11-05 10:53:48 -07:00 |
|
snipe
|
fba0e2b712
|
Revert tableexport
(It broke the npm run prod build)
Signed-off-by: snipe <snipe@snipe.net>
|
2021-11-03 16:17:19 -07:00 |
|
snipe
|
608c2f91a8
|
Updated package lock
Signed-off-by: snipe <snipe@snipe.net>
|
2021-11-03 16:04:48 -07:00 |
|
snipe
|
960028b376
|
Bumped version
Signed-off-by: snipe <snipe@snipe.net>
|
2021-11-03 16:04:39 -07:00 |
|
snipe
|
6690a0f1df
|
Merge pull request #10257 from Wouter0100/patch-1
fix(Docker): use correct python binary for exit listener
|
2021-11-02 14:53:35 -07:00 |
|
Wouter van Os
|
2c49c32e72
|
Fixed #10231: use correct python binary for exit listener
This fixes #10231, without creating an own Dockerfile.
|
2021-11-02 13:06:36 +01:00 |
|
snipe
|
76cc46c419
|
Merge pull request #9814 from 01ste02/importMinAmt
Improved Consumable Import: Import min_amt for consumables
|
2021-10-28 17:49:44 -07:00 |
|
snipe
|
dc71f6ddc6
|
Merge pull request #9871 from jethron/patch-1
Fixed: double slashes in branding logo URL path
|
2021-10-28 17:36:43 -07:00 |
|
snipe
|
7470fdb605
|
Merge pull request #9912 from snipe/snyk-upgrade-1377cc2d38a76585c814757398543f5f
[Snyk] Upgrade tableexport.jquery.plugin from 1.10.21 to 1.10.26
|
2021-10-28 17:15:10 -07:00 |
|
snipe
|
930e220cf1
|
Merge pull request #9915 from snipe/snyk-upgrade-b2b26cf8ec7a697fe0094f699652a345
[Snyk] Upgrade bootstrap-table from 1.18.2 to 1.18.3
|
2021-10-28 17:12:47 -07:00 |
|
snipe
|
2f9e5f79af
|
Merge pull request #10139 from FliegenKLATSCH/patch-1
API: Do not include deleted items per default on lookup by serial
|
2021-10-28 17:09:20 -07:00 |
|
snipe
|
927fba179d
|
Merge pull request #10241 from snipe/snyk-fix-a23047e623395f58c0f4d50feb55a3a3
[Snyk] Security upgrade jquery-ui from 1.12.1 to 1.13.0
|
2021-10-28 16:35:32 -07:00 |
|
snyk-bot
|
dfde50732b
|
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-JQUERYUI-1767167
- https://snyk.io/vuln/SNYK-JS-JQUERYUI-1767175
- https://snyk.io/vuln/SNYK-JS-JQUERYUI-1767767
|
2021-10-28 07:28:38 +00:00 |
|
snipe
|
7455318fcf
|
Merge pull request #10225 from snipe/fixes/default_label_in_status_label_api
Set default_label to 0 instead of null in API
|
2021-10-25 20:18:37 -07:00 |
|
snipe
|
17bf899a17
|
Set default_label to 0 instead of null in API
Signed-off-by: snipe <snipe@snipe.net>
|
2021-10-25 20:14:01 -07:00 |
|
snipe
|
a5230319b8
|
Merge pull request #10223 from snipe/fixes/fixed_missing_clone_button
Fixed #10222 - fixed permissions array to handle missing clone button
|
2021-10-25 15:39:28 -07:00 |
|
snipe
|
8b1c60a17a
|
Make gates a little more consistent
Signed-off-by: snipe <snipe@snipe.net>
|
2021-10-25 15:34:22 -07:00 |
|
snipe
|
033c3253bb
|
Fixed permissions array to handle missing clone button
Signed-off-by: snipe <snipe@snipe.net>
|
2021-10-25 14:10:17 -07:00 |
|
snipe
|
a88f622ec3
|
Bumped version
Signed-off-by: snipe <snipe@snipe.net>
|
2021-10-18 16:45:51 -07:00 |
|
snipe
|
f87ffb84d5
|
Merge pull request #10201 from snipe/fixes/xss_on_export
Fixes possible XSS on all-file-types export
|
2021-10-15 09:54:52 -07:00 |
|
snipe
|
bda23bb1e6
|
Fixes possible XSS on all-file-types export
Signed-off-by: snipe <snipe@snipe.net>
|
2021-10-15 11:50:52 -05:00 |
|
FliegenKLATSCH
|
24c484303e
|
Do not include deleted assets by default when doing lookup by serial
This commit introduces a new query parameter `deleted`, which can be set to `true` to include deleted assets in the response.
|
2021-10-09 08:56:31 +02:00 |
|
snipe
|
5d94b99035
|
Switched to 5 in one minute
Signed-off-by: snipe <snipe@snipe.net>
|
2021-10-08 15:53:32 -07:00 |
|
snipe
|
c4856c8aed
|
Merge pull request #10180 from snipe/fixes/add_rate_limiting_to_forgotten_password
Throttle password reset requests to 5 every 60 seconds
|
2021-10-08 15:44:43 -07:00 |
|
snipe
|
0674ef5a3d
|
Fixed number to 1 (for minutes)
Signed-off-by: snipe <snipe@snipe.net>
|
2021-10-08 15:43:32 -07:00 |
|
snipe
|
702791210e
|
Throttle password reset requests to 5 every 60 seconds
Signed-off-by: snipe <snipe@snipe.net>
|
2021-10-08 14:26:30 -07:00 |
|
snipe
|
1c77fd0d09
|
Merge pull request #10178 from inietov/bug/sc-17520/symfony_component_debug_exception_fatalthrowableerror
Fixed typo when setting the headers
|
2021-10-08 12:04:45 -07:00 |
|
Ivan Nieto Vivanco
|
d184da8611
|
Fixed typo (thanks @ssddanbrown)
|
2021-10-08 13:39:49 -05:00 |
|
snipe
|
ac76364140
|
Merge pull request #10172 from snipe/fixes/S3_upload_preview
Fixed models preview - Use Storage:: facade
|
2021-10-06 13:14:02 -07:00 |
|
snipe
|
7848a3c3dc
|
Use Storage:: facade for image preview for models
Signed-off-by: snipe <snipe@snipe.net>
|
2021-10-06 13:12:42 -07:00 |
|
snipe
|
f41ec640fe
|
Added Huntr.dev badge
Signed-off-by: snipe <snipe@snipe.net>
|
2021-10-06 12:49:30 -07:00 |
|
snipe
|
fc5efd857f
|
Merge pull request #10171 from snipe/fixes/xss_svg_in_file_uploads
Fixed SVG XSS vuln
|
2021-10-06 12:38:51 -07:00 |
|
snipe
|
ccd430ce07
|
Switched back down to debug level
Signed-off-by: snipe <snipe@snipe.net>
|
2021-10-06 12:38:21 -07:00 |
|
snipe
|
f306401e7e
|
Fixed SVG XSS vuln
Signed-off-by: snipe <snipe@snipe.net>
|
2021-10-06 12:26:45 -07:00 |
|
snipe
|
c06a93ef13
|
Removed extra brace in assets for components
Signed-off-by: snipe <snipe@snipe.net>
|
2021-10-06 10:38:13 -07:00 |
|
snipe
|
17d4e25e60
|
Merge pull request #10167 from inietov/bug/sc-17520/symfony_component_debug_exception_fatalthrowableerror
Set headers in a different manner in the middleware [sc-17520]
|
2021-10-05 14:06:39 -07:00 |
|
Ivan Nieto Vivanco
|
ef6eea67d8
|
Set headers in a different manner in the middleware
|
2021-10-05 14:09:35 -05:00 |
|
snipe
|
84c73aae5d
|
Merge pull request #10165 from snipe/fixes/set_restore_actions_to_POST_requests
Set restore actions to POST requests instead of GET
|
2021-10-04 20:40:33 -07:00 |
|
snipe
|
dc3af7cc74
|
Resolved conflicts
Signed-off-by: snipe <snipe@snipe.net>
|
2021-10-04 20:39:24 -07:00 |
|
snipe
|
34eab88b7e
|
Removed debugging
Signed-off-by: snipe <snipe@snipe.net>
|
2021-10-04 20:25:31 -07:00 |
|
snipe
|
903609b5a5
|
Updated languages
Signed-off-by: snipe <snipe@snipe.net>
|
2021-10-04 19:59:55 -07:00 |
|